Documentation

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
CSS Stylesheet
.aui-tabs.horizontal-tabs>.tabs-menu>.menu-item>a {
padding: 10px 20px 10px 20px
}
Panel
borderColor#000000
bgColorwhite
titleColorwhite
borderWidth1
titleBGColor#000000
borderStylesolid
titleIntroduction

Use this guide to enable a SecureAuth IdP realm to utilize a Fingerprint Finder begin site.

At this begin site, SecureAuth IdP can search for a Fingerprint Device Recognition Profile cookie and extract the user ID from it. From there, the end-user follows the SecureAuth IdP workflow configured in the realm (e.g. Multi-Factor Authentication) without requiring to enter the user ID, and is asserted to the Post Authentication target.

Panel
borderColor#444443#444544
bgColorwhite
titleColorwhite
borderWidth1
titleBGColor#444443#444544
borderStylesolid
titlePrerequisites
UI Expand
title1.
 Have a Fingerprint
Have a Device / Browser Profile Cookie
Expand

In the Browser / Mobile Device Digital FingerprintingRecognition section in the Workflow tab, ensure that in the Normal Browser Profile Settings and Mobile Profile Settings, Cookie is selected from the FP Mode dropdown dropdowns

Section
Column
width50%

Column
width50%

2. Create a New Realm or edit an existing realm to which Cert Finder will be applied applies in the SecureAuth IdP Web Admin

3. Configure the following tabs in the Web Admin before configuring for Cert Finder:

  • Overview – the description of the realm and SMTP connections must be defined
  • Data – an enterprise directory must be integrated with SecureAuth IdP
  • Workflow – the way in which users will access the target must be defined
  • Registration Methods / Multi-Factor Methods – the Multi-Factor Authentication methods that will be used to access the target (if any) must be defined
  • Post Authentication – the target resource or post authentication action must be defined
  • Logs – the logs that will be enabled or disabled for this realm must be defined
Info

The Registration Methods tab in SecureAuth IdP Version 9.0 has been renamed Multi-Factor Methods as of Version 9.0.1

Panel
borderColor#135570#145570
bgColorwhite
titleColorwhite
borderWidth1
titleBGColor#135570#145570
borderStylesolid
titleSecureAuth IdP Configuration Steps
#116490#116490
Localtab Group
Localtab
titleVersion 9.0.0
Panel
borderColor
#126591
bgColorwhite
titleColorwhite
borderWidth1
titleBGColor
#126591
borderStylesolid
titleWorkflow
Section
Column
width50%
Image Removed

Image Added

Column

 

1. In the Workflow section, set the Invalid Persistent Token Redirect to the SecureAuth IdP realm in which end-users can enroll for a

fingerprint

device / browser profile cookie

If end-users land on the Fingerprint Finder begin site without a valid

Fingerprint

profile cookie, then they

will be

are redirected to this realm to enroll for a

fingerprint

profile cookie that can then be used for the begin site

It is recommended that the enrollment realm have the same Post Authentication action so that the end-user

will end

ends up at the same destination despite the realm

#007fb2#007fb2 Front End
Panel
borderColor
#3e7fa0
bgColorwhite
titleColorwhite
borderWidth1
titleBGColor
#3e7fa0
borderStylesolid
titleCustom
Identity Consumer
Section
Column
width50%
Image Removed

Image Added

Column

 

2. Select Token from the Receive Token dropdown

3. Select True from the Require Begin Site dropdown

4. Select Fingerprint Finder from the Begin Site dropdown

5. FPFinder.aspx

 will

auto-

populate

populates in the Begin Site URL field

Localtab
activetrue
titleVersion 9.0.1+
Panel
borderColor#116490
bgColorwhite
titleColorwhite
borderWidth1
titleBGColor#116490
borderStylesolid
titleWorkflow
Section
Column
width50%

Image Removed

Column

 

1. In the Workflow section, set the Invalid Persistent Token Redirect to the SecureAuth IdP realm in which end-users can enroll for a fingerprint cookie

If end-users land on the Fingerprint Finder begin site without a valid Fingerprint cookie, they will be redirected to this realm to enroll for a fingerprint cookie that can then be used for the begin site

It is recommended that the enrollment realm have the same Post Authentication action so that the end-user will end up at the same destination despite the realm

Panel
borderColor#007fb2
bgColorwhite
titleColorwhite
borderWidth1
titleBGColor#007fb2
borderStylesolid
titleCustom Identity Consumer
Section
Column
width50%

Image Removed

Column

 

2. Select Token from the Receive Token dropdown

3. Select True from the Require Begin Site dropdown

4. Select Fingerprint Finder from the Begin Site dropdown

5. FPFinder.aspx will auto-populate in the Begin Site URL field

UI Text Box
typewarning

Click Save once the configurations have been completed and before leaving the Workflow page to avoid losing changes